package com.tidc.seaserverweb.filter;


import com.tidc.seaservermodel.util.RedisUtil;
import lombok.SneakyThrows;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.stereotype.Component;
import org.springframework.web.filter.OncePerRequestFilter;

import javax.annotation.Resource;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

@Component
@Slf4j
public class AuthenticationTokenFilter extends OncePerRequestFilter {
    private static String[] LOSE_URL = {"/ilogin", "/hello", "/login"};
    private static String[] ADMIN_URL = {"/rabbit/add/experience","/rabbit/punishment/experience","/rabbit/send/email",
                                        "/rabbit/task/check/timeout","/rabbit/check/commitment/out",
                                        "/rabbit/clear/rabbit"};
    @Resource
    private RedisUtil redisUtil;

    @SneakyThrows
    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, javax.servlet.FilterChain filterChain) throws ServletException, IOException {
        String url = request.getRequestURI();
        boolean loseFlag = true;
        boolean adminFlag = false;
        for (String s : LOSE_URL) {
            if (url.contains(s)) {
                loseFlag = false;
                break;
            }
        }
        for (String s : ADMIN_URL) {
            if (url.contains(s)) {
                adminFlag = true;
                loseFlag = false;
                break;
            }
        }
        //内部请求
        if (adminFlag) {
            String authHeader = request.getHeader("organization");
            if (authHeader != null && authHeader.equals("TIDC")) {
                UserDetails userDetails = new User("openId", "password",
                        true, true, true, true,
                        AuthorityUtils.commaSeparatedStringToAuthorityList("ROLE_admin"));
                UsernamePasswordAuthenticationToken authenticationToken
                        = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
                SecurityContextHolder.getContext().setAuthentication(authenticationToken);
            }
        }
        if (loseFlag) {
            String authHeader = request.getHeader("Authorization");
            if (null != authHeader && authHeader.startsWith("Bearer ")) {
                String token = authHeader.substring("Bearer ".length());
                UserDetails userDetails = (UserDetails) redisUtil.getObject(token);
                if (userDetails != null) {
                    UsernamePasswordAuthenticationToken authenticationToken
                            = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
                    SecurityContextHolder.getContext().setAuthentication(authenticationToken);
                }
            }
        }
        filterChain.doFilter(request, response);
    }
}